1. Field
Embodiments of the invention relate to the field of networking; and more specifically, to the usage of physical layer information in combination with signaling and media parameters.
2. Background
A Session Border Controller (SBC) is a session aware device that typically sits at the border of a network and manages services (e.g., Voice over IP (VoIP)). A session can either be a voice, video, or other multimedia session. Typically, SBCs are inserted in the path of signaling traffic and/or media traffic. This allows the SBCs to inspect the signaling and/or media traffic and take action on that traffic.
Typically, SBCs have been implemented as a standalone device. A typical architecture includes placing an SBC in front of a softswitch to protect the softswitch from malicious traffic and perform other processing prior to the traffic reaching the softswitch.
VoIP is typically deployed in a network that has one or more SBCs. VoIP services are typically based on an open IP based network architecture. While this facilitates greater connectivity and makes it easier to introduce new services, it also renders the VoIP network vulnerable to issues that are typically associated with data networks (e.g., denial of service (DoS) attacks in the form of excessive signaling and/or malformed messages). Typical methods identify and authenticate subscribers based on the address of record (AOR) transmitted. An AOR is typically a SIP (Session Initiation Protocol) or SIPS URI (Uniform Resource Identifier) that points to a domain with a location service that can map the URI to another URI where the user might be available. Typically, the location service is populated through registrations. An AOR is frequently thought of as the “public address” of the user. The AOR may be a phone number or other information intended to be unique to a subscriber (e.g., email address, username/password, etc.). However, an AOR may be spoofed (e.g., a malicious user may impersonate a subscriber by using the AOR of that subscriber).
E911 (emergency calls) regulations require that subscriber location information (e.g., the street address where the call has been placed) be transmitted along with every emergency call. Typically, subscribers must manage their address information and update the information if they move.
SPIT (Spam over Internet Telephony) is the transmission of unsolicited SIP (Session Initiation Protocol) messages to one or more recipients in the network. SPIT reduces network capacity, is a burden in processing and the amount of network traffic, and is irritating to VoIP subscribers. SPIT messages may be detected by using white lists, black lists, circles of trust, or a combination of the above.